1) Is the PTP course well organized?2) Could anyone who has taken training from Offensive Security and eLearnSecurity give opinions on how the two compare? (it looks like the PTP course goes a little more indepth on some topics) Which puts the material into a better organized methodology?3) Is it worth the money, especially if you already have OSCP?

I really enjoy the security aspect of my job, but since it is not the sole focus of my job, getting $$ and time allocated for training like this is not easy. Any opinions/guidance would really be helpful.

I'm studying eLearnsecurity's PTP course. I haven't taken OSCP so I won't be able to compare them. xXxKrisxXx did a nice comparison of both the above courses here http://www.ethicalhacker.net/component/ ... /#msg30830I think Hayabusa is also enrolled in PTP and has already attained OSCP cert. so he will also be able to provide some valuable input.

1) Is the PTP course well organized?

Yes. It covers 3 modules- Web application security, Network security and System security.Network security module covers the pentesting methodology and tools. I didn't find anything exceptional here which isn't already in other courses' syllabus- and OSCP's too. System security module is good and though it covers some sections extensively and just introductory stuff for others.Web application security module is very good. Armando has written it really well. Out of all the three, I enjoyed this module the most. His web application footprinting methodology and other stuff is really useful.

My opinion of this course is that, it tries to cover a lot of stuff, and achieves this objective to some extent. But, as a result it also misses some some useful stuff. It gives you pointers/introduction to a lot of stuff, but doesn't cover anything in so much detail so as to make you a perfectionist (I specially found this to be a problem with the system security module).

2) Could anyone who has taken training from Offensive Security and eLearnSecurity give opinions on how the two compare? (it looks like the PTP course goes a little more indepth on some topics) Which puts the material into a better organized methodology?

I can't answer this question. However, from what I've gathered through other members' posts, OSCP has lot of labs. You'll be disappointed with PTP as far as labs go. For the few labs there are you'll have to download the software on your machine and practice it.

3) Is it worth the money, especially if you already have OSCP?

Again, I can't compare it with OSCP. I think PTP is a good beginner to medium level course. System security module just touches a lot of stuff but doesn't go in-depth. Network security module covers a good deal of network pentest stuff but nothing exceptional. Web application portion is very good, and what it covers, it covers in detail.

Hope it helps. Feel free to PM me or ask here if you've more specific questions.

Thanks for referencing my post Equix3n, I tried to compare them quickly and that's all I had. I'm thinking about doing a full side-by-side comparison between the two and go more in depth. I also fully agree with Equix3n's answers above to your questions eternal_security.

(it looks like the PTP course goes a little more indepth on some topics)

I'd say it goes more in depth mainly on the web application attack section. More topics are covered and it's the courses strong section but it's a go figure on this, considering to pass the exam you have to break a web application. eLearnSecurity also has some nessus stuff and brings in more point and click tools to use during a pentest while PWB is like more focusing on getting your ninja command-line skills prepped. I'll try to answer two of the questions just based off of my opinion.

2) Could anyone who has taken training from Offensive Security and eLearnSecurity give opinions on how the two compare? (it looks like the PTP course goes a little more indepth on some topics) Which puts the material into a better organized methodology?

Comparison wise - both to earn the certification you have to provide practical skills in breaking something and you have to provide a report. I've heard the reports not necessary but high recommended for PWB v3 and is recommended for eLearnSecurity's course. Comparing them further they both have videos in the course which demonstrates tool usage.

3) Is it worth the money, especially if you already have OSCP?

I'd hate to sound like I'm knocking the course but here I think it really depends. I think the OSCP course was more hands-on and I've learned more. I honestly haven't gone in depth with looking at the information in the first 2 modules of eLearnSecurity's PTP course - System Security and Network-Security. I've skimmed them a little bit but I've been mainly paying attention to the Web Application Security module simply because the exam is more focused on it.

I think if you have your OSCP already - your knowledge goes passed eLearnSecurity's Network Security section. Their System Security section gives you a minor introduction into Cryptography and Password Cracking, Buffer Overflows, shellcode, malware and rootkit coding. Your prime interest if you hold an OSCP Certification from pwb v3 would be their web application module. I haven't taken CEH but I'd just say eLearnSecurity because they have a practical exam and required report to earn the certification, it surpasses what a person has to do to earn their CEH certificate. Sure the CEH may cover more topics and a large amount of tools than PTP but I think penetration testing training should be focused on getting hands-on experience with tools - Getting down and dirty in a real life testing environment, being placed in scenarios and situations where you have to prove you've learned your material. I think PTP has this to an extent but PWB v3 has it more so.

Long story short, if you have your OSCP I think the course would be beneficial for upping your web application attack skills a little bit more but it's really up to you if you want to spend the money just to get the little extra material this course covers that PWB doesn't.

eternal_security I know you said security isn't the sole focus of your job, but perhaps opting for the OSCE certification would be better in this situation? Have you ever thought about taking it?

I just got the results today from the exam, so from now on I am an eCPPT!

I really liked the course. It is very well structured, and a very important advantage is that you can access it any time.

Now I am doing some checks for work and I use the course as a guide for the most important steps. I recommend following the course multiple times, because there is so much information so you can't digest it in a single shot.

I just wait for the new course they will produce (supposed to be an advanced one).

I found this course to take you from the novice to an intermediate level for the web application part, and this is what I wanted. The other two modules are at an intermediate level.

MindOverMatter wrote:I was wondering if anyone who's received their eLearnSecurity's ePPT certificate/certification would mind sharing it with us.. Maybe block out the name if that would pose a problem...

I only received a pdf that it is a diploma. I don't know if I'll receive a printed one.

impelse wrote:Alucian How long did you wait for your exam results?

I waited a month until I had an answer. Initially they asked me to redo the report, because it didn't look so good (I made it in one day so..). Also, I had put the wrong names for some vulnerabilities, plus I went a little further than the scope of the test, so I had to remove a find. These comments made me think that he really looked very carefull at my report.

So, I had a week to redo the formatting of the report, not to redo the test. If my refined report wasn't good enough in terms of findings I would had to redo the test, but it was good enough to receive the certification.I really appreciated this, and I am sure that Armando is extremely busy.